Virus: Microsoft Security Alerts

Dell / Dell dv051...
May 8, 2010 at 14:18:59
Specs: Microsoft Windows XP Professional, 2.793 GHz / 1014 MB
I just got my desktop back from being restored for this same issue less than 24 hours ago (It is also affecting my brand new 2 day old laptop). Someone in my household went to weather .com and the windows fake software scanner came up saying we had viruses. We clicked off it but it obviously did damage to something in the registry. I did not realize I had a problem until I was trying to download Norton from the Comcast site and it would not download on either pc. I then saw the little red balloon in the task bar that keeps telling me I’m affected. I’m also being redirected whenever I try to update any of my software and I get the yellow popup warning me I am affected as well. I did manage to download and update malwarebytes (from another pc) and it found the following:

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 93.188.166.105 93.188.161.105 1.2.3.4 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9dc76162-ea63-4964-9d9a-65841bc1bdef}\DhcpNameServer (Trojan.DNSChanger) -> Data: 93.188.166.105 93.188.161.105 1.2.3.4 -> Quarantined and deleted successfully.

The software does seem to have removed the above but I still having the same problems.

Frustrated -- ChaiGirl


See More: Virus: Microsoft Security Alerts

Report •

#1
May 11, 2010 at 18:42:09
I am fixed -- I had the trojan.dnschanger in my system that affected my router. Both PC's were infected when hooked to it. I used Malwarebytes to remove the trojan, reset the router, and use the command ipconfig /flushdns to flush each PC.

I can now update software and no trojan shows in any virus scan.

Good luck to others -- ChaiGirl


Report •
Related Solutions


Ask Question